Example: dental hygienist

VENDOR RISK ASSESSMENT QUESTIONNAIRE FORM

VENDOR RISK ASSESSMENT QUESTIONNAIRE form . VENDOR NAME VENDOR ADDRESS. POINT OF CONTACT CONTACT INFORMATION. INSTRUCTIONS: Please complete this QUESTIONNAIRE in its entirety, leaving notes and attaching supporting documentation where necessary. Nature of Data VENDOR Will Have Access To check all that apply X DATA TYPE NOTES. No exchange of data Demographic data Financial Data Personal Data ( name, address, phone number). Non-public Personal Data ( SSN, medical, proprietary). Other: POLICIES AND PROCESSES. Yes No N/A QUESTION NOTES. Does your organization document, publish, and enforce security policies? Does your organization document and enforce HR policies? Does your organization document and enforce policies for authorized use of networked services?

Does your organization maintain a written policy regarding physical security requirements for the office? 4 MALWARE SECURITY MEASURES Yes No N/A QUESTION NOTES ... Is a third-party used to test network infrastructure security? Do you employ intrusion detection systems? 7 ADDITIONAL INFORMATION RISK ASSESSOR NAME AND TITLE SIGNATURE DATE .

Fullscreen Download

Tags:

  Policy, Form, Assessment, Infrastructures, Questionnaire, Risks, Physical, Vendor, Vendor risk assessment questionnaire form

Information

Domain:

Source:

Link to this page:

Please notify us if you found a problem with this document:

Other abuse

Transcription of VENDOR RISK ASSESSMENT QUESTIONNAIRE FORM

1 VENDOR RISK ASSESSMENT QUESTIONNAIRE form . VENDOR NAME VENDOR ADDRESS. POINT OF CONTACT CONTACT INFORMATION. INSTRUCTIONS: Please complete this QUESTIONNAIRE in its entirety, leaving notes and attaching supporting documentation where necessary. Nature of Data VENDOR Will Have Access To check all that apply X DATA TYPE NOTES. No exchange of data Demographic data Financial Data Personal Data ( name, address, phone number). Non-public Personal Data ( SSN, medical, proprietary). Other: POLICIES AND PROCESSES. Yes No N/A QUESTION NOTES. Does your organization document, publish, and enforce security policies? Does your organization document and enforce HR policies? Does your organization document and enforce policies for authorized use of networked services?

2 POLICIES AND PROCESSES continued Yes No N/A QUESTION NOTES. Does your organization document and enforce policies for authorized use of company email, internet, and intranet? Does your organization document and enforce encryption policies and standards? Does your organization document and enforce policies regarding the storage, use, and disposal of sensitive data? Does your organization document and enforce policies regarding the storage, use, and disposal of sensitive data by third parties? Does your organization outsource functionalities related to security management? Do policies and procedures adhere to and comply with privacy laws and regulations related to the security, concealment, and safeguard of customer data?

3 Are the penalties associated with non- compliance to your organization's policies well documented? 2. physical AND DATA CENTER SECURITY MEASURES. Yes No N/A QUESTION NOTES. Does your organization regularly review and assess physical - and environmental-related risks ? Do data center perimeter controls involve the use of access cards? Do data center perimeter controls involve the use of keypad controls? Do data center perimeter controls involve the use of security guards? Do data center perimeter controls involve the use of __[add measure here]__? Do you have business continuity procedures in place if the office is inaccessible for any reason? Is all network equipment physically secured? Does your organization use data center providers?

4 Does your organization utilize visitor logs? If so, are they maintained for more than 30 days? Does your organization maintain a written policy regarding physical security requirements for the office? 3. MALWARE SECURITY MEASURES. Yes No N/A QUESTION NOTES. Are all emails scanned for viruses? Is anti-virus software required and enabled on all network computers? Does anti-virus software have an established frequency of scanning on network computers? Does your organization allow the installation of non-approved software on network computers? 4. INFORMATION SECURITY MEASURES. Yes No N/A QUESTION NOTES. Does your organization have an information security program in place? (please provide a link in the Notes column to all relevant public- facing security and privacy policies).

5 If your organization has an information security program, does it apply to all operations and systems that process sensitive data? Are relevant staff and managers professionally certified in information security? Is administrator-level access limited on network infrastructure? Are strict controls in place in order to access security logs? NETWORK INFRASTRUCTURE SECURITY MEASURES. Yes No N/A QUESTION NOTES. Does your organization maintain a network security policy ? Are all routers systematized with access control lists to stifle unauthorized traffic? Are server operating systems patched at the latest level? Does your organization have a process in place to track and communicate vulnerability patches?

6 Does your organization back up your data? Are backups stored and tested? Are employee devices encrypted? Is a third-party used to test network infrastructure security? Do you employ intrusion detection systems? 6. ADDITIONAL INFORMATION. RISK ASSESSOR NAME AND TITLE SIGNATURE DATE. 7. DISCLAIMER. Any articles, templates, or information provided by Smartsheet on the website are for reference only. While we strive to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, articles, templates, or related graphics contained on the website.

7 Any reliance you place on such information is therefore strictly at your own risk.

Show more

Documents from same domain

05 Agile Development Cycle 06 Advantages & Disadvantages ...

05 Agile Development Cycle 06 Advantages & Disadvantages ...

www.smartsheet.com

Agile refers to any process that aligns with the concepts of the Agile Manifesto. In 2001, 17 software developers met to discuss lightweight development methods. They published the Manifesto for Agile Software Development, which covered how they found “better ways of developing software by doing it and helping others do it.” The Project Killer:

  Process, Software, Manifesto

M&A BUYER DUE DILIGENCE CHECKLIST - Smartsheet Inc.

M&A BUYER DUE DILIGENCE CHECKLIST - Smartsheet Inc.

www.smartsheet.com

M&A BUYER DUE DILIGENCE CHECKLIST ... Interest rates on existing debt Ability to service existing debt Ability to secure more financing Shareholder value analysis Compatibility audit ... LLC or partnership agreements Copy of all guarantees to which the company is a

  Checklist, Interest, Partnership, Buyers, Diligence, Buyer due diligence checklist

8D WORKSHEET TEMPLATE - Smartsheet Inc.

8D WORKSHEET TEMPLATE - Smartsheet Inc.

www.smartsheet.com

8D WORKSHEET TEMPLATE Use this worksheet to solve a problem using Ford’s Eight Disciplines (8D) approach. Each section requests information relevant to one of the disciplines. D1 TEAM MEMBERS Who is going to be part of the problem-solving team and who will lead it? What skills and roles are needed? D2 DESCRIBE THE PROBLEM Summarize the problem.

  Problem

CONSTRUCTION SUBMITTAL TRANSMITTAL FORM

CONSTRUCTION SUBMITTAL TRANSMITTAL FORM

www.smartsheet.com

CONSTRUCTION SUBMITTAL TRANSMITTAL FORM PROJECT NAME DATE OF SUBMISSION PROJECT MANAGER TRANSMITTAL NUMBER TRANSMITTED TO: (NAME/ADDRESS) SUBJECT OF SUBMITTAL SPECIFICATIONS CHECK ONE OF THE FOLLOWING: We have verified that the material or equipment contained in this submittal

  Form, Construction, Transmittal, Submittal, Construction submittal transmittal form

PRINTABLE PASSWORD KEEPER - Smartsheet Inc.

PRINTABLE PASSWORD KEEPER - Smartsheet Inc.

www.smartsheet.com

printable password keeper website website username username password password email email security answers security answers date last changed date last

  Password, Printable, Keeper, Printable password keeper

EMPLOYEE SELF-ASSESSMENT TEMPLATE

EMPLOYEE SELF-ASSESSMENT TEMPLATE

www.smartsheet.com

EMPLOYEE SELF-ASSESSMENT TEMPLATE NAME DEPARTMENT/UNIT JOB/ROLE PERIOD FOR SELF-REVIEW DATE OF SELF-REVIEW SUBMISSION Below, provide details and examples of your accomplishments during the review period. Include status/outcomes ... Treat this as an opportunity to self-assess your work performance to facilitate a substantial …

  Performance, Employee

BUSINESS CONTINUITY PLAN - Smartsheet Inc.

BUSINESS CONTINUITY PLAN - Smartsheet Inc.

www.smartsheet.com

disruptions or disasters, are maintained, controlled, and periodically checked on by Disaster Recovery/IT teams. ... Incident Commander, HR/PR Officer, Information Technology, Finance/Admin, Legal/Contacts D. DEPARTMENTAL RECOVERY TEAMS Business Continuity Coordinator, EOC Communications Team, EOC Human Resources Team, EOC Administration

  Business, Technology, Human, Plan, Resource, Human resources, Continuity, Disruption, Business continuity plan

MARKETING CAMPAIGN PROPOSAL - Smartsheet Inc.

MARKETING CAMPAIGN PROPOSAL - Smartsheet Inc.

www.smartsheet.com

MARKETING CAMPAIGN PROPOSAL TEMPLATE DISCLAIMER Any articles, templates, or information provided by Smartsheet on the website are for reference only. While we strive to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness,

  Marketing, Proposal, Campaign, Marketing campaign proposal

2021 PRINTABLE MONTHLY CALENDAR - Smartsheet Inc.

2021 PRINTABLE MONTHLY CALENDAR - Smartsheet Inc.

www.smartsheet.com

2021 PRINTABLE MONTHLY CALENDAR January 2021 SUN MON TUES WED THURS FRI SAT 1 2 New Year's Day 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

  2012, Calendar, Monthly, Printable, 2021 printable monthly calendar

ONE-PAGE BUSINESS PLAN TEMPLATE - Smartsheet Inc.

ONE-PAGE BUSINESS PLAN TEMPLATE - Smartsheet Inc.

www.smartsheet.com

one-page business plan template 1 – 2 sentence max per response what do we do? how do we do it? who do we serve? define customer problem define solution provided pricing + billing strategies income streams customer reach strategy referral generation strategy top competitors our competitive advantage success milestone

  Business, Plan, Business plan

Related documents

Facilities Management Policy and Procedures

Facilities Management Policy and Procedures

www.processdox.com

Physical security There are a number of risks and exposures to <company name>'s facilities. Specifically, all facilities supporting OSS, telecommunications switching equipment and network infrastructure are potential targets for vandalism, theft and attacks motivated by political or special causes. Moreover,

  Policy, Infrastructures, Physical

Addressing Africa’s Infrastructure Challenges - Deloitte

Addressing Africa’s Infrastructure Challenges - Deloitte

www2.deloitte.com

infrastructure. Physical infrastructure covering transportation, power and communication through its backward and forward linkages facilitates growth; while social infrastructure including water supply, sanitation, sewage disposal, education and health, which are in the nature of primary services, has a direct impact on the quality of life.

  Infrastructures, Challenges, Physical, Africa, Addressing, Addressing africa s infrastructure challenges, Physical infrastructure

Related search queries

Policy, Physical, Infrastructure, Addressing Africa’s Infrastructure Challenges, Physical infrastructure